Si Cyber Intel: Mining Malware Is Still The Dominant Threat In Cybersecurity Landscape
Cryptocurrency mining malware refers to software programs and malware components that are developed to take over a computer's resources and use them for cryptocurrency mining without the user's explicit permission, very often with a delivery system (malware) that spreads throughout the organisation. This results in a significant financial impact on the organisation caused by increased resource costs, performance degradation and disruption of core systems.
Those familiar with cybersecurity, and cryptocurrency in particular, will be aware of mining malware and its increasing threat in the cybersecurity landscape. Kaspersky Lab's data reveals a spike in cryptocurrency mining infections in recent years: in 2013 only around 205,000 endpoints were seen to be targeted, increasing to 1.65 million endpoints in the first eight months of 2017.
The recent Global Threat Index, released by cybersecurity company Check Point, has identified that for the fifth consecutive month the 'Coinhive' crypto-miner is the "most prevalent malware" affecting organisations globally.
At the same time, US company Malwarebytes released its "Cybercrime tactics and techniques: Q1" report, which highlighted the concerning fact that mining malware increased by 27% in the first three months of 2018.
Taking into consideration these reports and the yearly increase in the value of cryptocurrencies, mining malware is only going to continue to spread and it is imperative that organisations put the correct security measures in place to secure themselves from a malware attack.
How Si Cyber can help protect your organisation from a malware attack:
At Si Cyber, we are seeing an increasing trend in the support we give our customers to help them mitigate these continually evolving threats, and we have vast experience in blocking miners at a very early stage across our customers' global networks.
With 93% of breaches taking minutes or less to compromise one system, detection and response speed is paramount. Anything that provides less than 100% visibility is a wasted investment as it results in blind spots that prevent root cause identification and prevention of future attacks.
We provide our customers with real-time visibility through our AI-driven SIEM, which correlates an immense volume of security events. Our SIEM solution is leveraged by our highly qualified 24x7 SOC team and includes a host-based Forensic Detection (EDR) and Threat Intelligence service to proactively hunt threats, customise their detection and enable quick response. Our combined service enables our customers to swiftly answer the following questions:
- How did the problem start?
- What did the threat do?
- How many machines are infected?
- How can we resolve the threat?
- How do we prevent this from happening again?